Intrusion Prevention

HP.Software.Update.Tool.ActiveX.Control.File.Overwrite

Description

This indicates an attempt to exploit an arbitrary file overwrite vulnerability in HP Software Update, shipped with many HP systems.
The vulnerability is due to a design weakness in an ActiveX component that is used to download patches and updates for HP software. A remote attacker can exploit the vulnerability by persuading a target user to open a malicious web page that can then overwrite sensitive files on the local file system. By doing this the attacker can corrupt the operating system and/or execute arbitrary code with the privileges of the logged in user.

Affected Products

HP Software Update 3.0.8.4

Impact

System Compromise: privilege escalation

Recommended Actions

Refer to HPSBGN02301 SSRT071508 rev.2 for patch, upgrade, or suggested workaround information:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01311918&jumpid=reg_R1002_USEN.

CVE References

CVE-2007-6506